=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/mktemp/mktemp.1,v retrieving revision 1.14 retrieving revision 1.15 diff -c -r1.14 -r1.15 *** src/usr.bin/mktemp/mktemp.1 2000/03/05 00:28:57 1.14 --- src/usr.bin/mktemp/mktemp.1 2000/03/10 19:07:22 1.15 *************** *** 1,4 **** ! .\" $OpenBSD: mktemp.1,v 1.14 2000/03/05 00:28:57 aaron Exp $ .\" .\" Copyright (c) 1996, 2000 Todd C. Miller .\" All rights reserved. --- 1,4 ---- ! .\" $OpenBSD: mktemp.1,v 1.15 2000/03/10 19:07:22 aaron Exp $ .\" .\" Copyright (c) 1996, 2000 Todd C. Miller .\" All rights reserved. *************** *** 41,56 **** The .Nm mktemp utility takes the given file name template and overwrites a ! portion of it to create a unique file name. The template may be ! any file name with some number of .Ql X Ns s appended to it, for example .Pa /tmp/temp.XXXXXXXXXX . The trailing .Ql X Ns s are replaced with a combination of the the current process number and ! random letters. The name chosen depends both on the number of .Ql X Ns s in the template and the number of collisions with pre-existing files. The number of unique file names --- 41,58 ---- The .Nm mktemp utility takes the given file name template and overwrites a ! portion of it to create a unique file name. ! The template may be any file name with some number of .Ql X Ns s appended to it, for example .Pa /tmp/temp.XXXXXXXXXX . + .Pp The trailing .Ql X Ns s are replaced with a combination of the the current process number and ! random letters. ! The name chosen depends both on the number of .Ql X Ns s in the template and the number of collisions with pre-existing files. The number of unique file names *************** *** 75,87 **** .Nm mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with ! the PID as a suffix and use that as a temporary file name. This ! 
kind of naming scheme is predictable and the race condition it creates ! is easy for an attacker to win. A safer, though still inferior approach ! is to make a temporary directory using the same naming scheme. While ! this does allow one to guarantee that a temporary file will not be ! subverted, it still allows a simple denial of service attack. For these ! reasons it is suggested that .Nm be used instead. .Pp --- 77,90 ---- .Nm mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with ! the PID as a suffix and use that as a temporary file name. ! This kind of naming scheme is predictable and the race condition it creates ! is easy for an attacker to win. ! A safer, though still inferior approach ! is to make a temporary directory using the same naming scheme. ! While this does allow one to guarantee that a temporary file will not be ! subverted, it still allows a simple denial of service attack. ! For these reasons it is suggested that .Nm be used instead. .Pp *************** *** 90,108 **** .It Fl d Make a directory instead of a file. .It Fl q ! Fail silently if an error occurs. This is useful if a script does not want error output to go to standard error. .It Fl u Operate in .Dq unsafe ! mode. The temp file will be unlinked before .Nm ! exits. This is slightly better than .Fn mktemp 3 ! but still introduces a race condition. Use of this ! option is not encouraged. .El ! .Sh RETURN VALUES The .Nm utility --- 93,114 ---- .It Fl d Make a directory instead of a file. .It Fl q ! Fail silently if an error occurs. ! This is useful if a script does not want error output to go to standard error. .It Fl u Operate in .Dq unsafe ! mode. ! The temp file will be unlinked before .Nm ! exits. ! This is slightly better than .Fn mktemp 3 ! but still introduces a race condition. ! Use of this option is not encouraged. .El ! 
.Pp The .Nm utility *************** *** 130,137 **** .Pp Or perhaps you don't want to exit if .Nm ! is unable to create the file. In this case you can protect the ! part of the script thusly. .Bd -literal -offset indent TMPFILE=`mktemp /tmp/$0.XXXXXXXXXX` && { # Safe to use $TMPFILE in this block --- 136,143 ---- .Pp Or perhaps you don't want to exit if .Nm ! is unable to create the file. ! In this case you can protect the part of the script thusly. .Bd -literal -offset indent TMPFILE=`mktemp /tmp/$0.XXXXXXXXXX` && { # Safe to use $TMPFILE in this block
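Review bot: In the hunk at new lines 41-58, the unchanged line "are replaced with a combination of the the current process number and" still has a doubled "the". This paragraph is being re-broken anyway, so drop the extra word in the same change. The added ".Pp" before "The trailing" also changes the rendered output by starting a new paragraph, so the log message should say that this hunk is more than a source re-wrap.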
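Review bot: In the hunk at new lines 77-90, the re-broken sentence "A safer, though still inferior approach" is missing the comma that closes the parenthetical. It should read "A safer, though still inferior, approach". The line is already being touched to start the sentence on its own line, so the fix costs nothing here.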
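Review bot: In the hunk at new lines 93-114, ".Sh RETURN VALUES" is replaced by ".Pp", which removes the section heading. The "The .Nm utility" text after ".El" then becomes an untitled paragraph of the preceding section. Every other changed line in this hunk only moves a sentence start onto a new line, so this is the one structural change in the patch. If dropping the heading is intended, state that in the commit log; otherwise keep ".Sh RETURN VALUES".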
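Review bot: In the hunk at new lines 136-143, the example line "TMPFILE=`mktemp /tmp/$0.XXXXXXXXXX` && {" is kept as context, but it expands $0 unquoted, and $0 holds whatever path the script was invoked by. A script started as bin/foo or by an absolute path gives a template that points into a subdirectory of /tmp rather than /tmp itself, and that subdirectory will normally not exist. This is the pattern the page recommends for safe temporary files, so build the template from the output of basename on "$0" and quote the expansion. While the sentence above the example is being re-broken, "thusly" could also become "like this".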